InfoSec content strategist, researcher, director, tech writer, blogger and community builder. Senior Vice President of Audience Content Strategy at CyberRisk Alliance.
As VP and CISO of Advantage Solutions, Cybersecurity Collaborative, Blue Shield of California, and Kellogg’s, Young set new standards for excellence in the field.
SafeBreach Director of Research Tomer Bar shares how attacks are conducted, which APT groups have been most active, and how breach and attack simulation can help security teams fight back.
The latest phishing report from Zscaler ThreatLabz shows a 47.2% surge in phishing attacks in 2022 compared to the previous year – driven by cybercriminals using increasingly sophisticated techniques to launch large-scale attacks.
LastPass used Black Hat as the backdrop to announce availability of FIDO2 authenticators, including biometrics such as finger print or face ID and hardware keys, for its passwordless login solution.
Timely threat detection is essential. Every second that a malicious actor lingers inside your network, the odds increase that your organization could be the victim of a major malware attack. Nation-state APT actors are especially adept at staying hidden – but if you know what TTPs and IOCs to look for and you have comprehensive visibility into the...
As more organizations adopt multi-cloud strategies, security managers must develop a strategy to consistently protect web applications across hybrid environments, while preserving quality of security and operational efficiency. The traditional approach to application security no longer works in the multi-cloud, and anew approach is needed. Join us...
Tactics of adversaries to infiltrate the software supply chain have grown more sophisticated. Among them: co-opting the names of submissions in public code, with the ultimate goal being to use counterfeit code to compromise networks. How can organizations recognize pockets of risk that may exist within their own development efforts? What preventat...
New analysis from VMware delves deep into the most recent waves of the Emotet botnet, providing never-before-seen insights into the malware delivery mechanism’s malicious components and modules, its execution chains and its software development lifecycle. This webcast will reveal key findings and takeaways from VMware’s researchers, who mana...
Organizations have more security concerns than ever before (due to an increasingly volatile threat landscape, growing attack surfaces, and increased volume and complexity of security threats and alerts) and security operations will continue to be difficult for many organizations to effectively combat without the right combination of technology, in...
How IT risk translates into enterprise risk, and how we tie the two together.
What is IT risk? How has the definition shifted over the years as it relates to overall enterprise risk?What are key drivers of IT risk on a business today?How do you quantify and communicate IT risk in a tangible way? Why IT should be seen as an enabler, rather...
Join this webcast to learn about the findings from the 2023 State of Passwordless Security report and how you can use it to improve your organization’s security posture.
CRA VP of Content Strategy Bill Brenner, Bojan Simic, HYPR’s Co-founder, CEO and CTO and Andrew Shikiar, Executive Director & CMO, FIDO Alliance discuss key tak...
The Managed Detection and Response (MDR) market is heating up as lean security teams lacking the human and financial resources of larger organizations clamor for tools to uncover and stop cyber intrusions more quickly. They understand that when a bad actor penetrates their organization, every second counts. Many have learned this lesson the hard w...
Even cybersecurity pros struggle to address the unique challenges of Kubernetes and container security. It can be disorienting to take a career full of knowledge in more traditional platforms and apply it to the leading edge of declarative infrastructure and microservices. This webcast is designed to help security teams get over the initial cultur...
For developer and AppSec teams alike, securing critical components of the software supply chain, including open source libraries, container images, cloud infrastructure, and developer tools, is increasingly essential. But more often, tracking dependencies to fixing vulnerabilities can still be siloed because common tools and processes to create un...
Cyber risk and business risk are increasingly one and the same, and it’s about time that business-minded executives understood that reality when managing their budgets and agendas. With cybercriminal activity showing no signs of slowing down, companies must understand that a commitment to mitigating cyber risk represents an investment in the busin...
Open source code provides developers with the shortcuts they need to innovate and iterate faster. But due to a host of open source vulnerabilities, some shortcuts are safer than others. Metaphorically speaking, are your organization’s developers taking a well-lit, mapped-out shortcut, or straying down a mysterious, risky, and forebo...
As bad actors look to blur the lines between real and fake, cybersecurity experts need to stay one step ahead of tech-savvy fraudsters. A simple, yet robust set of fraud prevention practices is often the best approach for stopping fraudsters at the gate.In this impactful Q&A webcast, you will see through the lens of two expert solution enginee...
Though red teaming is sometimes perceived as pen testing with the gloves off, in reality, the goal of these engagements isn’t to prove how much damage these skilled testers can do. Modern red teams must set out to provide learning opportunities for organizations and their blue teams, running attack simulations to help teach them how to better prot...
Just because a business is mid-sized doesn’t mean the security risks it encounters are any smaller than those experienced by large enterprises. All organizations, regardless of size, face the same challenges around identity growth and management. A growth that places a greater burden on smaller organizations with limited resources that need to rem...
The U.S. Securities and Exchange Commission’s highly-anticipated new cybersecurity rules are finally in force, and deadlines are approaching quickly. Organizations, both public and private, will now have to take quick action to either establish or transform their cybersecurity programs to come into compliance with these new regulations and prevent...
A company’s data is its lifeblood and must be protected at all costs. But the larger the data pile, the harder it is to manage. Attackers know this and are on a nonstop hunt for holes in your tech stack to exploit. To have a fighting chance, organizations need to approach security as a team sport.In this SC webcast, host Bill Brenner sits down wit...
AppSec has long been considered a subset of IT security, but today’s threats make securing applications an imperative for the entire business. But how do you make it so?In this SC Cybercast, Alex Babar, VP of Solutions for cybersecurity company Brinqa, has a discussion with SC’s Bill Brenner about how Brinqa helped one client on its journey to eff...
Applications and software supply chains are constantly changing. So is the threat landscape.
Vulnerabilities, misconfigurations, exposed secrets, design flaws, sensitive data exposure, etc., will always be inevitable. That’s why application security remains such a vibrant market and why application security teams have a host of tools (SAST, SCA...
A new breed of adversaries has emerged — hybrid attackers. These assailants have mastered the art of combining multiple attack vectors, exploiting vulnerabilities and leveraging identities to execute one of the most devastating cybercrimes of our time — ransomware. Ransomware is not just the end goal; hybrid attackers often use it as part of their...
HTTPS is the gold standard for encrypting and protecting data on the web—yet almost 86% of cyberthreats hide in encrypted traffic, too. It’s a double-edged sword: even as encryption protects sensitive data, it’s a key means for threat actors to bypass defenses. With the bulk of malware, ransomware, and phishing attacks hidden in TLS/SSL, how can e...
In this webcast, we dissect the lessons derived from ransomware attacks involving MOVEit, Doubledrive, and the MGM/Caesars breach—to empower organizations in fortifying their cybersecurity defenses.
The session will commence with an in-depth analysis of the MOVEit ransomware attack, unraveling the tactics employed by threat actors to exploit vu...
There is often no better teacher than failure. Instead of waiting to learn from your own failures, why not learn from others? Find out what third party breaches can teach us about third party risk and vendor due diligence! This webcast with Bill Brenner and Enterprise Security Weekly host Adrian Sanabria will walk through:
Improving the vendor...
Balancing tight security budgets with growing threats is challenging for resource-limited IT teams. Taking the right approach, even organizations with 50 – 2,000 employees can build resilient and effective cybersecurity.
Learn proven methods for strengthening security from industry experts.
Moderated by Bill Brenner of CyberRisk Allian...
The technology world in 2030 promises a landscape radically transformed by unprecedented advancements. As the cloud engulfs everything, organizations will grapple with ephemeral technology, a surge in regulations, and an unrelenting need for speed that most organizations aren’t ready for. This webinar explores the future of compliance and risk in ...
The cybercrime economy is thriving, driven by financially motivated bad actors who have established lucrative “dark” businesses in the light of day. Bad actors prioritize efficiency to maximize their illicit earnings, using bots for everything from buying up coveted concert tickets to draining bank accounts to even more sinister endeavors to human...
High-profile breaches continue to highlight the multiple risks to organizations from their supply chain. With increasingly interconnected third-party networks leading to even greater risk exposure, it is not surprising that supply chain security is a top priority for both regulators and organizations. It is undoubtedly time to evolve our approach ...
Picus Security recently analyzed over 600,000 malware samples to identify the ten most common techniques leveraged by attackers.
Attend this webinar to learn about the key findings of the research, including the rise of evasive ‘Hunter-killer’ malware that systematically targets and impairs security controls to achieve its objectives.
Regist...
Identity and Access Management (IAM) solutions are no longer just ways to provide easy workforce access to applications, but critical tools in security and zero trust network access, creating the first line of defense against malicious actors and insider threats. In this panel discussion, experts from CyberRisk Alliance and CyberArk will shar...
In the digital age, identity serves as both a shield and a sword in the realm of cybersecurity. Statistics reveal that 74% of breaches stem from the human element, highlighting the paradoxical nature of identity in the cyber era. This panel explores the interplay between social engineering and technological sophistication to detect these Identity ...
It’s not rocket science, it’s network security. And yet for many organizations, the road to securing employees and information often results in trade-offs to performance, agility, scalable services, and user experience. While first-generation SASE solutions promised companies a way out of this complexity, those early deployments failed to resolve ...
In this webcast, we unravel the insights and implications behind the latest global AI security guidelines, distilling complex recommendations into four key takeaways that every cybersecurity professional should know. As nations grapple with the rapid adoption of artificial intelligence, regulatory bodies worldwide have collaboratively devised comp...
Cybersecurity tools, especially those experienced by end users, are often seen as blockers – built to create friction. We have been trained to believe that there must be a trade–off between security and user experience. If we are too strict users go around or just complain! Too lenient and we leave gaps for attackers to exploit. What if we b...
AI is fundamentally changing how software is written. Developers are increasingly relying on code generated by leveraging generative AI tools and application security experts are scrambling to understand and mitigate security risks. To counteract this emerging threat, the developer community must take proactive measures and foster a culture of con...
In today’s rapidly evolving threat landscape, enterprises face a daunting challenge: phishing attacks empowered by artificial intelligence (AI) and readily available phishing toolkits. Join this webinar to learn about the latest phishing trends, tactics, and predictions revealed in the Zscaler ThreatLabz 2024 Phishing Report. Experts from Th...
As cyber threats continue to evolve, security teams are constantly challenged with the task of fortifying their organization’s defenses against a myriad of potential vulnerabilities. In this SC Panelcast, Tia Hopkins, Chief Cyber Resilience Officer & Field CTO at eSentire, and Nathan Wenzler, Chief Security Strategist at Tenable, will de...
